The use of Storage Area Networks (SANs) continues to grow. Generally described, a SAN is a specialized network of storage devices that are connected to each other and to a server or cluster of servers that act as an access point to the SAN. SAN's typically use special switches as a mechanism to connect the storage devices. Typically the switches are Fibre Channel based switches.
A SAN provides many advantages to users requiring large amounts of storage. First, a SAN helps to isolate storage activity from a general purpose network. For example, a SAN can be providing data to users on the general purpose network at the same time it is being backed up for archival purposes. The data traffic associated with the backup does not compete for bandwidth on the general purpose network, it typically stays on the specialized network.
An additional advantage is that a SAN can be reconfigured, i.e. storage can be added or removed, without disturbing hosts on the general purpose network.
Recently the iSCSI protocol has provided a means for computers on a TCP/IP based network to take advantage of SAN technology without the need for purchasing and installing expensive Fibre Channel interfaces and software for each host desiring access to the SAN. The iSCSI protocol has provided increased flexibility in the location of SANs with respect to the hosts that accesses the SAN, because the SAN and the host need only have a TCP/IP based network in order to communicate.
Security issues related to SANs have not generally been considered as a problem with past systems. In these systems, the SAN was typically connected to a host via a fibre channel network. In these environments the host may provide for security and access control to the SAN network. However, in the case of iSCSI, any host on a TCP/IP network that can reach the SAN may attempt to access the SAN. In such an environment, users may be able to access data on the SAN that they were not meant to see, and a malicious user may damage or delete data on the SAN. As a result, there is a need in the art for the present invention.